helm安装kubernetes的插件istio
1.安装istio
要使用Helm自定义Istio安装,请使用--set <key>=<value>Helm命令中的选项覆盖一个或多个值
怎么使用选项配置请查看官网https://istio.io/docs/reference/config/installation-options/#servicegraph-options
模块说明
https://istio.io/docs/concepts/traffic-management/
https://blog.fleeto.us/post/istio-0.8.0-helm/
certmanagergalleygatewaysglobalgrafanaistio_cniistiocorednskialimixernodeagentpilotprometheussecurityservicegraphsidecarInjectorWebhooktracing
[root@master istio-1.1.]# helm template install/kubernetes/helm/istio \
--name istio --namespace istio-system \
--set sidecarInjectorWebhook.enabled=true \
--set ingress.service.type=NodePort \
--set gateways.istio-ingressgateway.type=NodePort \
--set gateways.istio-egressgateway.type=NodePort \
--set tracing.enabled=true \
--set servicegraph.enabled=true \
--set prometheus.enabled=true \
--set tracing.jaeger.enabled=true \
--set grafana.enabled=true > istio.yaml
[root@master istio-1.1.5]# kubectl create namespace istio-system
[root@master istio-1.1.]# kubectl apply -f istio.yaml
poddisruptionbudget.policy/istio-galley unchanged
poddisruptionbudget.policy/istio-ingressgateway unchanged
poddisruptionbudget.policy/istio-policy unchanged
poddisruptionbudget.policy/istio-telemetry unchanged
poddisruptionbudget.policy/istio-pilot unchanged
configmap/istio-galley-configuration unchanged
configmap/istio-grafana-custom-resources unchanged
configmap/istio-grafana-configuration-dashboards-galley-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-mesh-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-performance-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-service-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-workload-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-mixer-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-pilot-dashboard unchanged
configmap/istio-grafana unchanged
configmap/prometheus unchanged
configmap/istio-security-custom-resources unchanged
configmap/istio configured
configmap/istio-sidecar-injector configured
serviceaccount/istio-galley-service-account unchanged
serviceaccount/istio-ingressgateway-service-account unchanged
serviceaccount/istio-grafana-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-grafana-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-grafana-post-install-role-binding-istio-system unchanged
job.batch/istio-grafana-post-install-1.1. unchanged
serviceaccount/istio-mixer-service-account unchanged
serviceaccount/istio-pilot-service-account unchanged
serviceaccount/prometheus unchanged
serviceaccount/istio-cleanup-secrets-service-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
job.batch/istio-cleanup-secrets-1.1. unchanged
serviceaccount/istio-security-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-security-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-security-post-install-role-binding-istio-system unchanged
job.batch/istio-security-post-install-1.1. unchanged
serviceaccount/istio-citadel-service-account unchanged
serviceaccount/istio-sidecar-injector-service-account unchanged
serviceaccount/istio-multi unchanged
clusterrole.rbac.authorization.k8s.io/istio-galley-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-mixer-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-sidecar-injector-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-reader unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-galley-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-mixer-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-sidecar-injector-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-multi unchanged
role.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
rolebinding.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
service/istio-galley unchanged
service/istio-ingressgateway configured
service/grafana unchanged
service/istio-policy unchanged
service/istio-telemetry unchanged
service/istio-pilot unchanged
service/prometheus unchanged
service/istio-citadel unchanged
service/servicegraph created
service/istio-sidecar-injector unchanged
deployment.extensions/istio-galley configured
deployment.extensions/istio-ingressgateway configured
deployment.extensions/grafana unchanged
deployment.extensions/istio-policy configured
deployment.extensions/istio-telemetry configured
deployment.extensions/istio-pilot configured
deployment.extensions/prometheus unchanged
deployment.extensions/istio-citadel configured
deployment.extensions/servicegraph created
deployment.extensions/istio-sidecar-injector configured
deployment.extensions/istio-tracing unchanged
horizontalpodautoscaler.autoscaling/istio-ingressgateway unchanged
horizontalpodautoscaler.autoscaling/istio-policy unchanged
horizontalpodautoscaler.autoscaling/istio-telemetry unchanged
horizontalpodautoscaler.autoscaling/istio-pilot unchanged
service/jaeger-query unchanged
service/jaeger-collector unchanged
service/jaeger-agent unchanged
service/zipkin unchanged
service/tracing unchanged
mutatingwebhookconfiguration.admissionregistration.k8s.io/istio-sidecar-injector configured
attributemanifest.config.istio.io/istioproxy unchanged
attributemanifest.config.istio.io/kubernetes unchanged
metric.config.istio.io/requestcount unchanged
metric.config.istio.io/requestduration unchanged
metric.config.istio.io/requestsize unchanged
metric.config.istio.io/responsesize unchanged
metric.config.istio.io/tcpbytesent unchanged
metric.config.istio.io/tcpbytereceived unchanged
metric.config.istio.io/tcpconnectionsopened unchanged
metric.config.istio.io/tcpconnectionsclosed unchanged
handler.config.istio.io/prometheus unchanged
rule.config.istio.io/promhttp unchanged
rule.config.istio.io/promtcp unchanged
rule.config.istio.io/promtcpconnectionopen unchanged
rule.config.istio.io/promtcpconnectionclosed unchanged
handler.config.istio.io/kubernetesenv unchanged
rule.config.istio.io/kubeattrgenrulerule unchanged
rule.config.istio.io/tcpkubeattrgenrulerule unchanged
kubernetes.config.istio.io/attributes unchanged
destinationrule.networking.istio.io/istio-policy unchanged
destinationrule.networking.istio.io/istio-telemetry unchanged
如上,使用helm时报这个错误 Helm: Error: no available release name found
Error: release sitewhere failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
错误的原因大概是因为 tiller没有正确的角色权限。
执行以下命令可解决这个问题。
[root@master servicegraph]# kubectl create serviceaccount --namespace kube-system tiller
serviceaccount/tiller created
[root@master servicegraph]# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created
[root@master servicegraph]# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment.extensions/tiller-deploy patched
2.Prometheus、Grafana、Servicegraph和Jaeger服务创建 Ingress
[root@master istio-1.1.]# vim ingress-istio.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: prometheus
namespace: istio-system
spec:
rules:
- host: prometheus.istio.io
http:
paths:
- path: /
backend:
serviceName: prometheus
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: grafana
namespace: istio-system
spec:
rules:
- host: grafana.istio.io
http:
paths:
- path: /
backend:
serviceName: grafana
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: servicegraph
namespace: istio-system
spec:
rules:
- host: servicegraph.istio.io
http:
paths:
- path: /
backend:
serviceName: servicegraph
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tracing
namespace: istio-system
spec:
rules:
- host: tracing.istio.io
http:
paths:
- path: /
backend:
serviceName: tracing
servicePort:
[root@master istio-1.1.]# kubectl apply -f ingress-istio.yaml
通过 http://grafana.istio.io访问 Grafana 服务
通过http://servicegraph.istio.io访问 ServiceGraph 服务
http://servicegraph.istio.io/force/forcegraph.html: 这是一个交互式的d3.js可视化
http://servicegraph.istio.io/dotviz: 静态graphviz可视化.
http://servicegraph.istio.io/dotgraph: 提供点序列化.
http://servicegraph.istio.io/d3graph: 为D3可视化提供JSON序列化
http://servicegraph.istio.io/graph: 提供通用JSON序列化.
通过 http://tracing.istio.io/访问 Jaeger 跟踪页面:
通过 http://prometheus.istio.io/访问 Prometheus 页面:
参考:https://www.sohu.com/a/244910852_684389
helm安装kubernetes的插件istio的更多相关文章
- Centos 使用kubeadm安装Kubernetes 1.15.3
本来没打算搞这个文章的,第一里面有瑕疵(没搞定的地方),第二在我的Ubuntu 18 Kubernetes集群的安装和部署 以及Helm的安装 也有安装,第三 和社区的问文章比较雷同 https:// ...
- ARM架构安装Kubernetes集群
背景 类型 版本 操作系统 CentOS Linux release 7.6.1810 (AltArch) 内核 Linux master 4.18.0-80.7.2.el7.aarch64 硬件配置 ...
- Kubernetes-使用Helm安装istio
添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...
- kubernetes包管理工具Helm安装
helm官方建议使用tls,首先生成证书. openssl genrsa -out ca.key.pem openssl req -key ca.key.pem -new -x509 -days -s ...
- kubernetes实战(十):k8s使用Helm安装harbor
1.基本概念 对于复杂的应用中间件,需要设置镜像运行的需求.环境变量,并且需要定制存储.网络等设置,最后设计和编写Deployment.Configmap.Service及Ingress等相关yaml ...
- 使用kubeadm安装kubernetes/部署前准备/flannel网络插件/镜像下载/
本文内容参考<kuberneters进阶实战>/马哥的新书/推荐 部署前的准备 主机名称解析 分布式系统环境中的多主机通信通常基于主机名称进行,这在IP地址存在变化的可能性时为主机提供了固 ...
- 使用脚本在Linux服务器上自动安装Kubernetes的包管理器Helm
Helm之于Kubernetes好比yum之于Red Hat Enterprise Linux,或者apt-get之于Ubuntu. Helm是由helm CLI和Tiller组成,是典型的Clien ...
- kubernetes实战篇之helm安装
系列目录 Helm是kubernetes的应用包管理工具,是CNCF孵化器下的一个项目,主要用来管理 Charts.类似于 Ubuntu 中的 APT 或 CentOS 中的 YUM.它提供了一种简单 ...
- Helm 安装部署Kubernetes的dashboard
Kubernetes Dashboard 是 k8s集群的一个 WEB UI管理工具,代码托管在 github 上,地址:https://github.com/kubernetes/dashboard ...
随机推荐
- 用CSS3制作50个超棒动画效果教程
这50个CSS动画集合可以让你通过使用JavaScript函数来让动画更生动.为了能够预览到这些惊人的CSS3技术带来的动画特效,请大家使用如Safari和Chrome这类基于WebKit内核的浏览器 ...
- 笔记43 Spring Web Flow——订购披萨应用详解
一.项目的目录结构 二.订购流程总体设计 三.订购流程的详细设计 1.定义基本流程pizza-flow.xml <?xml version="1.0" encoding=&q ...
- leetcood学习笔记-206-反转链表
题目描述: 最佳解: class Solution(object): def reverseList(self, head): """ :type head: ListN ...
- bzoj1038题解
[题意分析] 求一个下凸壳与一段折线的距离. [解题思路] 先把直线按斜率排序,求出下凸壳,然后枚举所有的顶点的x坐标求最短y坐标差,复杂度O(nlog2n). [参考代码] #include < ...
- 二分图染色+分组背包+bitset优化——hdu5313
首先就是求联通块,每个联通块里记录两个部分的元素个数 目标是使一边的体积接近n/2 那么每个联通块作为一组,进行分组背包,dp[i]表示体积i是否可以被凑出来,可行性背包是可以用bitset优化的 最 ...
- flume配置参数的意义
1.监控端口数据: flume启动: [bingo@hadoop102 flume]$ bin/flume-ng agent --conf conf/ --name a1 --conf-file jo ...
- NOIp2018集训test-9-2(am)
一场讲述谁比谁更傻逼的普及组比赛,证明了 1.老张是魔鬼(为什么有这么多套普及组题??) 2.我最傻逼 第 1 题 谜题 判断1~99哪些数翻转后合法,找到最长的连续合法段的长度,为4,所以n< ...
- NX二次开发-设置对象名称函数UF_OBJ_set_name
NX9+VS2012 #include <uf.h> #include <uf_modl.h> #include <uf_obj.h> UF_initialize( ...
- (转)linux下装tomcat
转载于:http://www.linuxidc.com/Linux/2016-11/136959.htm (linux社区) 1 tomcat介绍 Tomcat 是由 Apache Foundatio ...
- Unity NGUI 多个UIPanel对粒子的剪裁
之前写过一篇单个 UIPanel 对粒子的裁剪,地址是:https://www.cnblogs.com/jietian331/p/5075487.html 但项目中有时会遇到多个UIPanel,如下面 ...